{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b63e10a4-6236-5d1a-a216-a8ab75de6a32", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f257658d-49a9-5426-b041-2df056cacb13", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:becc0d7e-9cd9-54af-9927-32c1c8b43662", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d2a9212-26fa-59fd-8c26-b26d885a17b4", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8eeae3f-adc1-5381-bcfc-e6d549a88992", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efb16730-f675-57e6-8d69-62dd3e76c26d", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d84d7cf6-4fa1-536a-ad14-46e558c7cb6a", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf75d7cb-6b63-5cab-b08c-8520121b3777", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be24828b-3d7d-5159-828b-bc2652cadb37", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dafb9edb-e256-5cac-8877-e683af1ce20a", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b2c7ea8-2e97-5297-8dbf-2cb5a7d607cc", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:699ef9e4-7416-52ed-9ef9-3ec972537a3e", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b995f9ec-8580-5462-ad18-1f953e986a3d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1f8bc1c-126f-5c40-b2dd-44a8f9c35fa7", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ccc7331-ec09-5aa3-ad35-4f703920a9b5", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8a086fb-70fd-5cc1-890f-8642499a2dfc", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc84ca93-7a35-50ed-bcc5-341bbc83784d", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-instrument-tomcat 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08366e83-817f-5134-a6cc-b2d255fd28ca", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-instrument-tomcat 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2c8e5f4-43ec-5e62-ac76-311868083380", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-instrument-tomcat 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c37f29ee-0bd7-5689-b4a5-0f3218421dbb", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f63ccd3-59e8-5cd6-9ef5-3556b02aba58", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:978ca901-15d7-559f-8a58-ae5ea6d4496e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df778186-f595-5680-b1ad-9cf26e1f3103", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2862f89-4695-5aa4-bd9d-95ad1158bce1", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b94104e5-d4fc-5142-9db7-fe6aa858f706", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ceccc76-0da5-5981-988a-6ef2ec0ca24a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f51ed1-5761-5e06-bc76-6ae49e1a17c2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66773407-54eb-5ba2-8721-cf0bafb7d55c", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d0333a4-5067-5146-b854-f66de87f2955", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2084ac7c-f8a7-51d3-b2ca-8b7ce6d9d318", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3615ec52-9653-56c2-a774-ed02caa2450d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac51a40d-7a3f-56b2-b22f-698c85c7e3f3", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d77deb6-3bfc-58f0-b870-0a4dd504f45a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90398d08-dadf-5310-8877-b72282dc5b99", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:949de215-fba0-5532-a09c-67bb1389ae33", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfcf31a5-6eba-566d-83a4-3fd70fb5fdb5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:068a70ff-69eb-54fd-906c-2934082250a3", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e107633-cadf-5346-9de0-b58ca427305b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cb58029-7604-5598-b2f8-483f722c3ad6", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbd0bb62-f958-5a54-9ff9-f7b82c263907", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5a158fe-d451-5f08-9146-2bf70a2772f7", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-instrument-tomcat 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be2d9bd5-c19b-5318-9ce2-6dba54ac377b", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25a1a542-e437-5530-9a21-e918ac9e9b4f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.1.1.RELEASE-tuxcare.1" } ] }